Skip to main content
SpringerLink
Log in
Book cover

Encyclopedia of Biometrics pp 271–279Cite as

Biometric Vulnerabilities, Overview

  • Reference work entry
  • First Online:

Definition

Biometric systems, like all security systems, have vulnerabilities. This entry provides a survey of the many possible points of attack against traditional biometric systems. The vulnerabilities of nontraditional systems, such as those based on encoded biometrics, are surveyed in the article Security and Liveness, Overview. Here, biometric system security is defined by its absence: a vulnerability in biometric security results in incorrect recognition or failure to correctly recognize individuals. This definition includes methods to falsely accept an individual (spoofing), to decrease overall system performance (denial of service), or to attack another system via leaked data (identity theft). In this entry, each stage of biometric processing is analyzed and the potential vulnerabilities discussed. Techniques to structure the analysis of vulnerabilities, such as Attack Trees, are described, and four application scenarios and their vulnerabilities are considered.

Introduction

Th...

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   899.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD   549.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Biometric testing campaign report (addendum to part i), Technical report, International Labour Organization, Geneva, 2005, http://www.ilo.org/public/english/dialogue/sector/papers/maritime/sid-test-report2.pdf

  2. Cracked it! The Guardian, 17 Nov 2006, http://www.guardian.co.uk/idcards/story/0,,1950229,00.html

  3. B. Cukic, N. Barlow, Threats and countermeasures, in Biometrics Consortium Conference, Washington, DC, 2005

    Google Scholar 

  4. G. Doddington, W. Liggett, A. Martin, N. Przybocki, D. Reynolds, Sheep, goats, lambs and wolves: an analysis of individual differences in speaker recognition performance, in Proceedings of the International Conference on Auditory-Visual Speech Processing, Sydney, 1998

    Google Scholar 

  5. N. Ferguson, B. Schneier, Practical Cryptography (Wiley, New York, 2003)

    Google Scholar 

  6. Generating images from templates, Technical report, 2002, http://www.ibgweb.com/reports/public/reports/templates_images.html

  7. InterNational Committee for Information Technology Standards (INCITS), Study report on biometrics in e-authentication, technical report incits m1/06-0693. Technical report, 2006, http://www.incits.org/tc_home/m1htm/2006docs/m1060693.pdf

  8. ISO, Standing document 2, version 5 – harmonized biometric vocabulary. Technical report, 2006. Technical report ISO/IEC JTC 1/SC 37 N 1480

    Google Scholar 

  9. ISO/IEC Working Draft 30107, Information Technology – Anti-Spoofing and Liveness Detection, ISO/IEC JTC 1/SC 37 Biometrics

    Google Scholar 

  10. A.K. Jain, A. Nagar, K. Nandakumar, Biometric template security. EURASIP J. Adv. Signal Process. Article ID 579416, 17p (2008)

    Google Scholar 

  11. D. Kundur, C.-Y. Lin, B. Macq, H. Yu, Special issue on enabling security technologies for digital rights management, in Proceedings of the IEEE Conference, vol. 92, 2004, pp. 879–882

    Google Scholar 

  12. Liveness detection in biometric systems, Technical report, 2002, http://www.ibgweb.com/reports/public/reports/liveness.html

  13. T. Matsumoto, H. Matsumoto, K. Yamada, S. Hoshino, Impact of artificial “gummy” fingers on fingerprint systems, Proceedings of SPIE, vol. 4677 (2002)

    Google Scholar 

  14. A.P. Moore, R.J. Ellison, R.C. Linger, Attack modeling for information security and survivability. Technical report, Carnegie Mellon University, Pittsburgh, 2001

    Google Scholar 

  15. N.K. Ratha, J.H. Connell, R.M. Bolle, Enhancing security and privacy in biometrics-based authentication systems. IBM Syst. J. 40, 614–634 (2001)

    Google Scholar 

  16. P.E. Ross, Loser: passport to nowhere. IEEE Spectr. 42, 54–55 (2005)

    Google Scholar 

  17. M.B. Salter, Passports, mobility, and security: how smart can the border be? Int. Stud. Perspect. 5, 71–91 (2004)

    Google Scholar 

  18. B. Schneier, Attack trees. Dr. Dobb’s J. 24, 21 (1999)

    Google Scholar 

  19. B. Tan, S. Schuckers, Spoofing protection for fingerprint scanner by fusing ridge signal and valley noise. Pattern Recognit. 43(8), 2845–2857 (2010)

    MATH  Google Scholar 

  20. L. Thalheim, J. Krissler, Body check: Biometric access protection devices and their programs put to the test. c’t Mag. (2002). www.heise.de/ct/english/02/11/114/

  21. C. Tilton, Biometrics in e-authentication: threat model, in Biometrics Consortium Conference, Baltimore, 2006, http://www.biometrics.org/bc2006/presentations/Wed_Sep_20/Session_III/Biometrics_and_EAuth/20_Tilton_e-auth_threat.pdf

  22. U. Uludag, A.K. Jain, Attacks on biometric systems: a case study in fingerprints, in Proceedings of SPIE-EI 2004, Security, Steganography and Watermarking of Multimedia Contents VI, San Jose, 2004, pp. 622–633

    Google Scholar 

  23. S. Yoon, J. Feng, A.K Jain, Altered fingerprints: analysis and detection. IEEE Trans. Pattern Anal. Mach. Intell. 34(3), 451–464 (2012)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Systems and Computer Engineering, Carleton University, 1125 Colonel By Drive, Ottawa, ON, Canada

    Andy Adler

  2. Clarkson University, Potsdam, NY, USA

    Stephanie A. C. Schuckers

Authors
  1. Andy Adler
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Stephanie A. C. Schuckers
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Andy Adler .

Editor information

Editors and Affiliations

  1. Center for Biometrics and Security, Research & National Laboratory of Pattern Recognition, Institute of Automation, Chinese Academy of Sciences, Beijing, China

    Stan Z. Li

  2. Departments of Computer Science and Engineering, Michigan State University, East Lansing, MI, USA

    Anil K. Jain

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer Science+Business Media New York

About this entry

Cite this entry

Adler, A., Schuckers, S.A.C. (2015). Biometric Vulnerabilities, Overview. In: Li, S.Z., Jain, A.K. (eds) Encyclopedia of Biometrics. Springer, Boston, MA. https://doi.org/10.1007/978-1-4899-7488-4_65

Download citation

Publish with us

Policies and ethics

Search

Navigation